From c7f7fdecbfeeeed7e945b11dec704d31b4d80330 Mon Sep 17 00:00:00 2001
From: imnyang <imnyang@pm.me>
Date: Sun, 31 May 2026 14:05:37 +0900
Subject: [PATCH] Refactor SSH key handling in deployment workflow for improved
 clarity and efficiency

---
 .forgejo/workflows/deploy.yml | 29 +++++++++--------------------
 1 file changed, 9 insertions(+), 20 deletions(-)

diff --git a/.forgejo/workflows/deploy.yml b/.forgejo/workflows/deploy.yml
index bb3a95d..2430726 100644
--- a/.forgejo/workflows/deploy.yml
+++ b/.forgejo/workflows/deploy.yml
@@ -7,36 +7,25 @@ jobs:
         run: uname -a
       - name: checkout code
         uses: actions/checkout@v4
-      - name: ssh-add
-        run: |
-          source /etc/bashrc
 
-          nix shell nixpkgs#openssh
+      - name: Setup SSH Key
+        run: |
           echo "${{ secrets.SSH_KEY }}" > ssh_key
           chmod 600 ssh_key
-          eval "$(ssh-agent -s)"
-          ssh-add ssh_key
 
       - name: Build
         run: |
           source /etc/bashrc
-
-          nix shell nixpkgs#bun
-
-          bun i
-          bun run build
+          nix shell nixpkgs#bun --run "bun i && bun run build"
+          
       - name: Deploy
         run: |
           source /etc/bashrc
+          # rsync의 ssh 옵션에 -i ssh_key를 직접 지정
+          nix shell nixpkgs#rsync nixpkgs#openssh --run \
+            "rsync -avz --delete -e 'ssh -i ssh_key -o StrictHostKeyChecking=no' dist/* imnyang@10.11.8.101:/var/static/imnya.ng/."
 
-          nix shell nixpkgs#rsync nixpkgs#openssh
-
-          rsync -avz --delete -e "ssh -o StrictHostKeyChecking=no" dist/* imnyang@10.11.8.101:/var/static/imnya.ng/.
       - name: Cleanup
+        if: always()
         run: |
-          source /etc/bashrc
-
-          nix shell nixpkgs#openssh
-
-          ssh-add -D ssh_key
-          rm ssh_key
\ No newline at end of file
+          rm -f ssh_key
\ No newline at end of file